5
5
IInnttrroodduuccttiioonn
7
Postfix version 2.3 introduces support for the Sendmail version 8 Milter (mail
8
filter) protocol. This protocol is used by applications that run outside the
9
MTA to inspect SMTP events (CONNECT, DISCONNECT), SMTP commands (HELO, MAIL
10
FROM, etc.) as well as mail content (headers and body). All this happens before
7
Postfix implements support for the Sendmail version 8 Milter (mail filter)
8
protocol. This protocol is used by applications that run outside the MTA to
9
inspect SMTP events (CONNECT, DISCONNECT), SMTP commands (HELO, MAIL FROM,
10
etc.) as well as mail content (headers and body). All this happens before mail
13
13
The reason for adding Milter support to Postfix is that there exists a large
14
14
collection of applications, not only to block unwanted mail, but also to verify
17
17
(DKIM), DomainKeys). Having yet another Postfix-specific version of all that
18
18
software is a poor use of human and system resources.
20
Postfix version 2.4 implements all the requests of Sendmail version 8 Milter
21
protocols up to version 4, including message body replacement (body replacement
22
is not available with Postfix version 2.3). See, however, the workarounds and
23
limitations sections at the end of this document.
20
The Milter protocol has evolved over time, and different Postfix versions
21
implement different feature sets. See the workarounds and limitations sections
22
at the end of this document for differences between Postfix and Sendmail
25
25
This document provides information on the following topics:
87
88
implements the Sendmail 8 Milter protocol. Postfix currently does not provide
88
89
such a library, but Sendmail does.
90
On some Linux and *BSD distributions, the Sendmail libmilter library is
91
installed by default. With this, applications such as dkim-milter and sid-
92
milter build out of the box without requiring any tinkering:
94
$ ggzzccaatt ddkkiimm--mmiilltteerr--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
95
$ ccdd ddkkiimm--mmiilltteerr--xx..yy..zz
97
[...lots of output omitted...]
99
On other platforms you have two options:
101
* Install the Sendmail libmilter object library and include files. On Linux
102
systems, libmilter may be provided by the sendmail-devel package. After
103
installing libmilter, build the Milter applications as described in the
106
* Don't install the Sendmail libmilter library, but build the library from
107
Sendmail source code instead:
91
* The first option is to use a pre-compiled library. Some systems install the
92
Sendmail libmilter library by default. With other systems, libmilter may be
93
provided by a package (called "sendmail-devel" on some Linux systems).
95
Once libmilter is installed, applications such as dkim-milter and sid-
96
milter build out of the box without requiring any tinkering:
98
$ ggzzccaatt ddkkiimm--mmiilltteerr--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
99
$ ccdd ddkkiimm--mmiilltteerr--xx..yy..zz
101
[...lots of output omitted...]
103
* The other option is to build the libmilter library from Sendmail source
109
106
$ ggzzccaatt sseennddmmaaiill--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
110
107
$ ccdd sseennddmmaaiill--xx..yy..zz//lliibbmmiilltteerr
250
247
application errors. The default action is to respond with a temporary error
251
248
status, so that the client will try again later. Specify "accept" if you want
252
249
to receive mail as if the filter does not exist, and "reject" to reject mail
253
with a permanent status.
250
with a permanent status. The "quarantine" action is like "accept" but freezes
251
the message in the "hold" queue, and is available with Postfix 2.6 or later.
255
253
/etc/postfix/main.cf:
256
# What to do in case of errors? Specify accept, reject, or tempfail.
254
# What to do in case of errors? Specify accept, reject, tempfail,
255
# or quarantine (Postfix 2.6 or later).
257
256
milter_default_action = tempfail
259
258
MMiilltteerr pprroottooccooll vveerrssiioonn
261
260
As Postfix is not built with the Sendmail libmilter library, you may need to
262
261
configure the Milter protocol version that Postfix should use. The default
263
version is 2. Other protocol versions are 3 and 4 (Postfix 2.3 and later), and
264
6 (Postfix 2.5 an later).
262
version is 6 (before Postfix 2.6 the default version is 2).
266
264
/etc/postfix/main.cf:
267
# 2.3 <= Postfix <= 2.5
267
268
milter_protocol = 2
269
270
If the Postfix milter_protocol setting specifies a too low version, the
280
281
libmilter library simply hangs up without logging a warning, and you see a
281
282
Postfix warning message like one of the following:
283
postfix/smtpd[21045]: warning: milter inet:host:port: can't read packet
284
header: Unknown error : 0
285
postfix/cleanup[15190]: warning: milter inet:host:port: can't read packet
284
warning: milter inet:host:port: can't read packet header: Unknown error : 0
285
warning: milter inet:host:port: can't read packet header: Success
286
warning: milter inet:host:port: can't read SMFIC_DATA reply packet header:
287
No such file or directory
288
289
The remedy is to lower the Postfix milter_protocol version number.
290
291
MMiilltteerr pprroottooccooll ttiimmeeoouuttss
292
293
Postfix uses different time limits at different Milter protocol stages. The
293
table shows wich timeouts are used and when (EOH = end of headers; EOM = end of
294
table shows the timeout settings and the corresponding protocol stages (EOH =
295
end of headers; EOM = end of message).
296
297
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
297
|PPaarraammeetteerr |TTiimmee lliimmiitt|PPrroottooccooll ssttaaggee |
298
|PPoossttffiixx ppaarraammeetteerr |TTiimmee lliimmiitt|MMiilltteerr pprroottooccooll ssttaaggee |
298
299
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
299
300
|milter_connect_timeout|30s |CONNECT |
300
301
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
303
304
|milter_content_timeout|300s |HEADER, EOH, BODY, EOM |
304
305
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
306
Beware: 30s may be too short for applications doing lots of DNS lookups.
307
However, if you increase the above timeouts too much, remote SMTP clients may
308
hang up and mail may be delivered multiple times. This is an inherent problem
309
with before-queue filtering.
307
Beware: 30s may be too short for Milter applications that do lots of DNS
308
lookups. However, if you increase the above timeouts too much, remote SMTP
309
clients may hang up and mail may be delivered multiple times. This is an
310
inherent problem with before-queue filtering.
311
312
SSeennddmmaaiill mmaaccrroo eemmuullaattiioonn
313
314
Postfix emulates a limited number of Sendmail macros, as shown in the table.
314
Different macros are available at different SMTP protocol stages (EOH = end-of-
315
header, EOM = end-of-message); their availability is not always the same as in
315
Some macro values depend on whether a recipient is rejected (rejected
316
recipients are available on request by the Milter application). Different
317
macros are available at different Milter protocol stages (EOH = end-of-header,
318
EOM = end-of-message); their availability is not always the same as in
316
319
Sendmail. See the workarounds section below for solutions.
318
321
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
319
|NNaammee |AAvvaaiillaabbiilliittyy |DDeessccrriippttiioonn |
320
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
321
|i |DATA, EOH, EOM |Queue ID |
322
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
323
|j |Always |value of myhostname |
322
|SSeennddmmaaiill mmaaccrroo |MMiilltteerr pprroottooccooll ssttaaggee |DDeessccrriippttiioonn |
323
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
324
|i |DATA, EOH, EOM |Queue ID, also Postfix |
325
| | |queue file name |
326
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
327
|j |Always |Value of myhostname |
324
328
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
325
329
|_ |Always |The validated client name |
326
330
| | |and address |
336
340
|{client_connections}|CONNECT |Connection concurrency for|
337
341
| | |this client |
338
342
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
339
| | |Client hostname, "unknown"|
340
|{client_name} |Always |when lookup or |
341
| | |verification fails |
343
| | |Client hostname |
344
| | |When address -> name |
345
|{client_name} |Always |lookup or name -> address |
346
| | |verification fails: |
342
348
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
343
349
|{client_port} |Always (Postfix >=2.5) |Client TCP port |
344
350
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
345
| | |Client name from reverse |
346
|{client_ptr} |CONNECT, HELO, MAIL, DATA|lookup, "unknown" when |
351
| | |Client name from address -|
352
|{client_ptr} |CONNECT, HELO, MAIL, DATA|> name lookup |
353
| | |When address -> name |
354
| | |lookup fails: "unknown" |
348
355
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
349
356
|{cert_issuer} |HELO, MAIL, DATA, EOH, |TLS client certificate |
363
370
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
364
371
|{mail_addr} |MAIL |Sender address |
365
372
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
366
|{rcpt_addr} |RCPT |Recipient address |
373
|{mail_host} |MAIL (Postfix >= 2.6, |Sender next-hop |
374
| |only with smtpd_milters) |destination |
375
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
376
|{mail_mailer} |MAIL (Postfix >= 2.6, |Sender mail delivery |
377
| |only with smtpd_milters) |transport |
378
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
379
| | |Recipient address |
380
|{rcpt_addr} |RCPT |With rejected recipient: |
381
| | |descriptive text |
382
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
383
| | |Recipient next-hop |
384
|{rcpt_host} |RCPT (Postfix >= 2.6, |destination |
385
| |only with smtpd_milters) |With rejected recipient: |
386
| | |enhanced status code |
387
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
388
| | |Recipient mail delivery |
389
|{rcpt_mailer} |RCPT (Postfix >= 2.6, |transport |
390
| |only with smtpd_milters) |With rejected recipient: |
367
392
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
368
393
|{tls_version} |HELO, MAIL, DATA, EOH, |TLS protocol version |
371
396
|v |Always |value of milter_macro_v |
372
397
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
374
Postfix sends specific sets of macros at different SMTP protocol stages. The
399
Postfix sends specific sets of macros at different Milter protocol stages. The
375
400
sets are configured with the parameters as described in the table (EOH = end of
376
401
headers; EOM = end of message). The protocol version is a number that Postfix
377
402
sends at the beginning of the Milter protocol handshake.
379
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
380
|PPaarraammeetteerr nnaammee |PPrroottooccooll vveerrssiioonn|PPrroottooccooll ssttaaggee |
381
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
382
|milter_connect_macros |2 or higher |CONNECT |
383
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
384
|milter_helo_macros |2 or higher |HELO/EHLO |
385
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
386
|milter_mail_macros |2 or higher |MAIL FROM |
387
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
388
|milter_rcpt_macros |2 or higher |RCPT TO |
389
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
390
|milter_data_macros |4 or higher |DATA |
391
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
392
|milter_end_of_header_macros |6 or higher |EOH |
393
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
394
|milter_end_of_data_macros |2 or higher |EOM |
395
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
396
|milter_unknown_command_macros|3 or higher |unknown command|
397
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
404
As of Sendmail 8.14.0, Milter applications can specify what macros they want to
405
receive at different Milter protocol stages. An application-specified list
406
takes precedence over a Postfix-specified list.
408
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
409
|PPoossttffiixx ppaarraammeetteerr |MMiilltteerr pprroottooccooll|MMiilltteerr pprroottooccooll ssttaaggee|
410
| |vveerrssiioonn | |
411
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
412
|milter_connect_macros |2 or higher |CONNECT |
413
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
414
|milter_helo_macros |2 or higher |HELO/EHLO |
415
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
416
|milter_mail_macros |2 or higher |MAIL FROM |
417
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
418
|milter_rcpt_macros |2 or higher |RCPT TO |
419
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
420
|milter_data_macros |4 or higher |DATA |
421
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
422
|milter_end_of_header_macros |6 or higher |EOH |
423
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
424
|milter_end_of_data_macros |2 or higher |EOM |
425
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
426
|milter_unknown_command_macros|3 or higher |unknown command |
427
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
399
429
WWoorrkkaarroouunnddss
401
Content filters may break DKIM etc. signatures. If you use an SMTP-based
402
content filter, then you should add a line to master.cf with "-
403
o disable_mime_output_conversion=yes" (note: no spaces around the "="), as
404
described in the advanced content filter example.
431
* To avoid breaking DKIM etc. signatures with an SMTP-based content filter,
432
update the before-filter SMTP client in master.cf, and add a line with "-
433
o disable_mime_output_conversion=yes" (note: no spaces around the "="). For
434
details, see the advanced content filter example.
406
Sendmail Milter applications were originally developed for the Sendmail version
407
8 MTA, which has a different architecture than Postfix. The result is that some
408
Milter applications make assumptions that aren't true in a Postfix environment.
436
/etc/postfix/master.cf:
437
# =============================================================
438
# service type private unpriv chroot wakeup maxproc command
439
# (yes) (yes) (yes) (never) (100)
440
# =============================================================
441
scan unix - - n - 10 smtp
442
-o smtp_send_xforward_command=yes
443
-o disable_mime_output_conversion=yes
444
-o smtp_generic_maps=
410
446
* Some Milter applications use the "{if_addr}" macro to recognize local mail;
411
447
this macro does not exist in Postfix. Workaround: use the "{client_addr}"
420
456
X-SenderID: Sendmail Sender-ID Filter vx.y.z host.example.com <unknown-
423
This happens because those Milter applications expect that the queue ID is
424
known before the MTA accepts the MAIL FROM (sender) command. Postfix, on
425
the other hand, does not choose a queue file name until after it accepts
426
the first valid RCPT TO (recipient) command (Postfix queue file names must
427
be unique across multiple directories, so the name can't be chosen before
428
the file is created; if multiple messages were to use the same queue ID
429
simultaneously, mail would be lost).
431
If you experience the ugly header problem, see if a recent version of the
432
Milter application fixes it. For example, current versions of dkim-filter and
433
dk-filter already have code that looks up the Postfix queue ID at a later
436
To fix the ugly message header with sid-filter applications, we change the
437
source code, so that it does the queue ID lookup after Postfix receives the end
440
* Edit the filter source file (named sid-filter/sid-filter.c).
442
* Look up the smfilter table and replace mlfi_eoh by NULL.
444
* Look up the mlfi_eom() function and add code near the top that calls
445
mlfi_eoh() as shown by the bboolldd text below:
450
rreett == mmllffii__eeoohh((ccttxx));;
451
iiff ((rreett !!== SSMMFFIISS__CCOONNTTIINNUUEE))
452
rreettuurrnn rreett;;
456
* This was tested with sid-milter-0.2.10 and sid-milter-0.2.14.
458
To fix the ugly message header with other Milter applications, you will need to
459
do something like this:
461
* Edit the filter source file (typically named xxx-filter/xxx-filter.c or
464
* Look up the mlfi_eom() function and add code near the top shown as bboolldd
470
//** DDeetteerrmmiinnee tthhee jjoobb IIDD ffoorr llooggggiinngg.. **//
471
iiff ((ddffcc-->>mmccttxx__jjoobbiidd ==== 00 |||| ssttrrccmmpp((ddffcc-->>mmccttxx__jjoobbiidd,, JJOOBBIIDDUUNNKKNNOOWWNN)) ==== 00)) {{
472
cchhaarr **jjoobbiidd == ssmmffii__ggeettssyymmvvaall((ccttxx,, ""ii""));;
473
iiff ((jjoobbiidd !!== 00))
474
ddffcc-->>mmccttxx__jjoobbiidd == jjoobbiidd;;
477
/* get hostname; used in the X header and in new MIME boundaries */
481
* Different mail filters use slightly different names for variables. If the
482
above code does not compile, look for the code at the start of the mlfi_eoh
485
* This fixes only the ugly message header, but not the WARNING message.
486
Fortunately, many Milters log that message only once.
459
The problem is that Milter applications expect that the queue ID is known
460
before the MTA accepts the MAIL FROM (sender) command. Postfix does not
461
choose a queue ID, which is used as the queue file name, until after it
462
accepts the first valid RCPT TO (recipient) command.
464
If you experience the ugly header problem, see if a recent version of the
465
Milter application fixes it. For example, current versions of dkim-filter
466
and dk-filter already have code that looks up the Postfix queue ID at a
467
later protocol stage, and sid-filter version 1.0.0 no longer includes the
468
queue ID in the message header.
470
To fix the ugly message header, you will need to add code that looks up the
471
Postfix queue ID at some later point im time. The example below adds the
472
lookup after the end-of-message.
474
o Edit the filter source file (typically named xxx-filter/xxx-filter.c or
477
o Look up the mlfi_eom() function and add code near the top shown as bboolldd
483
//** DDeetteerrmmiinnee tthhee jjoobb IIDD ffoorr llooggggiinngg.. **//
484
iiff ((ddffcc-->>mmccttxx__jjoobbiidd ==== 00 |||| ssttrrccmmpp((ddffcc-->>mmccttxx__jjoobbiidd,, JJOOBBIIDDUUNNKKNNOOWWNN)) ==== 00))
486
cchhaarr **jjoobbiidd == ssmmffii__ggeettssyymmvvaall((ccttxx,, ""ii""));;
487
iiff ((jjoobbiidd !!== 00))
488
ddffcc-->>mmccttxx__jjoobbiidd == jjoobbiidd;;
493
o Different mail filters use slightly different names for variables. If
494
the above code does not compile, look elsewhere in the mail filter
495
source file for code that looks up the "i" macro value, and copy that
498
o This change fixes only the ugly message header, but not the WARNING
499
message. Fortunately, many Milters log that message only once.
488
501
LLiimmiittaattiioonnss
492
505
course the usual limitations of before-queue filtering will always apply. See
493
506
the CONTENT_INSPECTION_README document for a discussion.
495
* Postfix version 2.3 introduces support for Sendmail 8 milter protocol
496
versions 2, 3 and 4; Postfix version 2.5 adds support for protocol version
497
6, which is available with Sendmail 8.14. Support for other protocol types
498
or protocol versions may be added later.
500
* For applications that are written in C, you need to use the Sendmail
501
libmilter library. A Postfix replacement may be provided in the future.
503
* There are TWO sets of mail filters: filters that are used for SMTP mail
508
* The Milter protocol has evolved over time. Therefore, different Postfix
509
versions implement different feature sets.
511
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
512
|PPoossttffiixx|SSuuppppoorrtteedd MMiilltteerr rreeqquueessttss |
513
|_ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
514
| 2.6 |All Milter requests of Sendmail 8.14.0 (see notes below). |
515
|_ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
516
| |All Milter requests of Sendmail 8.14.0, except: |
517
| |SMFIP_RCPT_REJ (report rejected recipients to the mail filter), |
518
| 2.5 |SMFIR_CHGFROM (replace sender, with optional ESMTP parameters), |
519
| |SMFIR_ADDRCPT_PAR (add recipient, with optional ESMTP |
521
|_ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
522
| 2.4 |All Milter requests of Sendmail 8.13.0. |
523
|_ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
524
| 2.3 |All Milter requests of Sendmail 8.13.0, except: |
525
| |SMFIR_REPLBODY (replace message body). |
526
|_ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
528
* For Milter applications that are written in C, you need to use the Sendmail
531
* Postfix has TWO sets of mail filters: filters that are used for SMTP mail
504
532
only (specified with the smtpd_milters parameter), and filters for non-SMTP
505
533
mail (specified with the non_smtpd_milters parameter). The non-SMTP filters
506
534
are primarily for local submissions.
508
* When mail is filtered by non-SMTP filters, the Postfix cleanup(8) server
509
has to simulate the SMTP client CONNECT and DISCONNECT events, and the SMTP
510
client EHLO, MAIL FROM, RCPT TO and DATA commands. This works as expected,
511
with only one exception: non-SMTP filters must not REJECT or TEMPFAIL
512
simulated RCPT TO commands. When a non-SMTP filter REJECTs or TEMPFAILs a
513
recipient, Postfix will report a configuration error, and mail will stay in
536
When mail is filtered by non_smtpd_milters, the Postfix cleanup(8) server
537
has to simulate SMTP client requests. This works as expected, with only one
538
exception: non_smtpd_milters must not REJECT or TEMPFAIL simulated RCPT TO
539
commands. When this rule is violated, Postfix will report a configuration
540
error, and mail will stay in the queue.
516
542
* Postfix currently does not apply content filters to mail that is forwarded
517
543
or aliased internally, or to mail that is generated internally such as
523
549
command information; they have no access to the message header or body, and
524
550
cannot make modifications to the message or to the envelope.
526
* Postfix 2.3 does not support Milter requests to replace the message body.
527
Milter applications that request this unsupported operation will log a
530
application name: st_optionneg[134563840]: 0x3d does not fulfill action
552
* Postfix 2.6 ignores the optional ESMTP parameters in requests to replace
553
the sender (SMFIR_CHGFROM) or to append a recipient (SMFIR_ADDRCPT_PAR).
554
Postfix logs a warning message when a Milter application supplies such
557
warning: queue-id: cleanup_chg_from: ignoring ESMTP arguments "whatever"
558
warning: queue-id: cleanup_add_rcpt: ignoring ESMTP arguments "whatever"
560
* Postfix 2.3 does not implement requests to replace the message body. Milter
561
applications log a warning message when they need this unsupported
564
st_optionneg[134563840]: 0x3d does not fulfill action requirements 0x1e
533
566
The solution is to use Postfix version 2.4 or later.
535
* Postfix version 2.5 implements the Sendmail 8.14 features except:
536
SMFIP_RCPT_REJ (report rejected recipients to the mail filter),
537
SMFIR_CHGFROM (replace sender, with optional ESMTP command parameters), and
538
SMFIR_ADDRCPT_PAR (add recipient, with optional ESMTP command parameters).
540
568
* Most Milter configuration options are global. Future Postfix versions may
541
569
support per-Milter timeouts, per-Milter error handling, etc.